/Gedemin/Common/Wcrypt2.pas
1{******************************************************************} 2{ } 3{ Borland Delphi Runtime Library } 4{ Cryptographic API interface unit } 5{ } 6{ Portions created by Microsoft are } 7{ Copyright (C) 1993-1998 Microsoft Corporation. } 8{ All Rights Reserved. } 9{ } 10{ The original file is: wincrypt.h, 1992 - 1997 } 11{ The original Pascal code is: wcrypt2.pas, released 01 Jan 1998 } 12{ The initial developer of the Pascal code is } 13{ Massimo Maria Ghisalberti (nissl@dada.it) } 14{ } 15{ Portions created by Massimo Maria Ghisalberti are } 16{ Copyright (C) 1997-1998 Massimo Maria Ghisalberti } 17{ } 18{ Contributor(s): } 19{ Peter Tang (peter.tang@citicorp.com) } 20{ Phil Shrimpton (phil@shrimpton.co.uk) } 21{ } 22{ Obtained through: } 23{ } 24{ Joint Endeavour of Delphi Innovators (Project JEDI) } 25{ } 26{ You may retrieve the latest version of this file at the Project } 27{ JEDI home page, located at http://delphi-jedi.org } 28{ } 29{ The contents of this file are used with permission, subject to } 30{ the Mozilla Public License Version 1.1 (the "License"); you may } 31{ not use this file except in compliance with the License. You may } 32{ obtain a copy of the License at } 33{ http://www.mozilla.org/MPL/MPL-1.1.html } 34{ } 35{ Software distributed under the License is distributed on an } 36{ "AS IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or } 37{ implied. See the License for the specific language governing } 38{ rights and limitations under the License. 
} 39{ } 40{******************************************************************} 41 42unit wcrypt2; 43 44{.$DEFINE NT5} 45 46{$ALIGN ON} 47 48{$IFNDEF VER90} 49 {$WEAKPACKAGEUNIT} 50{$ENDIF} 51 52interface 53 54uses 55 Windows 56 {$IFDEF VER90} 57 ,Ole2 58 {$ENDIF}; 59 60const 61 ADVAPI32 = 'advapi32.dll'; 62 CRYPT32 = 'crypt32.dll'; 63 SOFTPUB = 'softpub.dll'; 64{$IFDEF NT5} 65 ADVAPI32NT5 = 'advapi32.dll'; 66{$ENDIF} 67 68{Support Type} 69 70type 71 PVOID = Pointer; 72 LONG = DWORD; 73 {$IFDEF UNICODE} 74 LPAWSTR = PWideChar; 75 {$ELSE} 76 LPAWSTR = PAnsiChar; 77 {$ENDIF} 78 79//----------------------------------------------------------------------------- 80 // Type support for a pointer to an array of pointer (type **name) 81 PLPSTR = Pointer; // type for a pointer to Array of pointer a type 82 PPCERT_INFO = Pointer; // type for a pointer to Array of pointer a type 83 PPVOID = Pointer; // type for a pointer to Array of pointer a type 84 PPCCERT_CONTEXT = Pointer; // type for a pointer to Array of pointer a type 85 PPCCTL_CONTEXT = Pointer; // type for a pointer to Array of pointer a type 86 PPCCRL_CONTEXT = Pointer; // type for a pointer to Array of pointer a type 87//----------------------------------------------------------------------------- 88 89//+--------------------------------------------------------------------------- 90// 91// Microsoft Windows 92// Copyright (C) Microsoft Corporation, 1992 - 1997. 
93// 94// File: wincrypt.h 95// 96// Contents: Cryptographic API Prototypes and Definitions 97// 98//---------------------------------------------------------------------------- 99 100 101// 102// Algorithm IDs and Flags 103// 104 105// ALG_ID crackers 106function GET_ALG_CLASS(x:integer) :integer; 107function GET_ALG_TYPE(x:integer) :integer; 108function GET_ALG_SID(x:integer) :integer; 109 110Const 111 // Algorithm classes 112 ALG_CLASS_ANY = 0; 113 ALG_CLASS_SIGNATURE = (1 shl 13); 114 ALG_CLASS_MSG_ENCRYPT = (2 shl 13); 115 ALG_CLASS_DATA_ENCRYPT = (3 shl 13); 116 ALG_CLASS_HASH = (4 shl 13); 117 ALG_CLASS_KEY_EXCHANGE = (5 shl 13); 118 119 // Algorithm types 120 ALG_TYPE_ANY = 0; 121 ALG_TYPE_DSS = (1 shl 9); 122 ALG_TYPE_RSA = (2 shl 9); 123 ALG_TYPE_BLOCK = (3 shl 9); 124 ALG_TYPE_STREAM = (4 shl 9); 125 ALG_TYPE_DH = (5 shl 9); 126 ALG_TYPE_SECURECHANNEL = (6 shl 9); 127 128 // Generic sub-ids 129 ALG_SID_ANY = 0; 130 131 // Some RSA sub-ids 132 ALG_SID_RSA_ANY = 0; 133 ALG_SID_RSA_PKCS = 1; 134 ALG_SID_RSA_MSATWORK = 2; 135 ALG_SID_RSA_ENTRUST = 3; 136 ALG_SID_RSA_PGP = 4; 137 138 // Some DSS sub-ids 139 ALG_SID_DSS_ANY = 0; 140 ALG_SID_DSS_PKCS = 1; 141 ALG_SID_DSS_DMS = 2; 142 143 // Block cipher sub ids 144 // DES sub_ids 145 ALG_SID_DES = 1; 146 ALG_SID_3DES = 3; 147 ALG_SID_DESX = 4; 148 ALG_SID_IDEA = 5; 149 ALG_SID_CAST = 6; 150 ALG_SID_SAFERSK64 = 7; 151 ALD_SID_SAFERSK128 = 8; 152 ALG_SID_SAFERSK128 = 8; 153 ALG_SID_3DES_112 = 9; 154 ALG_SID_CYLINK_MEK = 12; 155 ALG_SID_RC5 = 13; 156 157 // Fortezza sub-ids 158 ALG_SID_SKIPJACK = 10; 159 ALG_SID_TEK = 11; 160 161 // KP_MODE 162 CRYPT_MODE_CBCI = 6; {ANSI CBC Interleaved} 163 CRYPT_MODE_CFBP = 7; {ANSI CFB Pipelined} 164 CRYPT_MODE_OFBP = 8; {ANSI OFB Pipelined} 165 CRYPT_MODE_CBCOFM = 9; {ANSI CBC + OF Masking} 166 CRYPT_MODE_CBCOFMI = 10; {ANSI CBC + OFM Interleaved} 167 168 // RC2 sub-ids 169 ALG_SID_RC2 = 2; 170 171 // Stream cipher sub-ids 172 ALG_SID_RC4 = 1; 173 ALG_SID_SEAL = 2; 174 175 // 
Diffie-Hellman sub-ids 176 ALG_SID_DH_SANDF = 1; 177 ALG_SID_DH_EPHEM = 2; 178 ALG_SID_AGREED_KEY_ANY = 3; 179 ALG_SID_KEA = 4; 180 181 // Hash sub ids 182 ALG_SID_MD2 = 1; 183 ALG_SID_MD4 = 2; 184 ALG_SID_MD5 = 3; 185 ALG_SID_SHA = 4; 186 ALG_SID_SHA1 = 4; 187 ALG_SID_MAC = 5; 188 ALG_SID_RIPEMD = 6; 189 ALG_SID_RIPEMD160 = 7; 190 ALG_SID_SSL3SHAMD5 = 8; 191 ALG_SID_HMAC = 9; 192 193 // secure channel sub ids 194 ALG_SID_SSL3_MASTER = 1; 195 ALG_SID_SCHANNEL_MASTER_HASH = 2; 196 ALG_SID_SCHANNEL_MAC_KEY = 3; 197 ALG_SID_PCT1_MASTER = 4; 198 ALG_SID_SSL2_MASTER = 5; 199 ALG_SID_TLS1_MASTER = 6; 200 ALG_SID_SCHANNEL_ENC_KEY = 7; 201 202 // Our silly example sub-id 203 ALG_SID_EXAMPLE = 80; 204 205{$IFNDEF ALGIDDEF} 206 {$DEFINE ALGIDDEF} 207Type ALG_ID = ULONG; 208{$ENDIF} 209 210// algorithm identifier definitions 211Const 212 CALG_MD2 = (ALG_CLASS_HASH or ALG_TYPE_ANY or ALG_SID_MD2); 213 CALG_MD4 = (ALG_CLASS_HASH or ALG_TYPE_ANY or ALG_SID_MD4); 214 CALG_MD5 = (ALG_CLASS_HASH or ALG_TYPE_ANY or ALG_SID_MD5); 215 CALG_SHA = (ALG_CLASS_HASH or ALG_TYPE_ANY or ALG_SID_SHA); 216 CALG_SHA1 = (ALG_CLASS_HASH or ALG_TYPE_ANY or ALG_SID_SHA1); 217 CALG_MAC = (ALG_CLASS_HASH or ALG_TYPE_ANY or ALG_SID_MAC); 218 CALG_RSA_SIGN = (ALG_CLASS_SIGNATURE or ALG_TYPE_RSA or ALG_SID_RSA_ANY); 219 CALG_DSS_SIGN = (ALG_CLASS_SIGNATURE or ALG_TYPE_DSS or ALG_SID_DSS_ANY); 220 CALG_RSA_KEYX = (ALG_CLASS_KEY_EXCHANGE or ALG_TYPE_RSA or ALG_SID_RSA_ANY); 221 CALG_DES = (ALG_CLASS_DATA_ENCRYPT or ALG_TYPE_BLOCK or ALG_SID_DES); 222 CALG_3DES_112 = (ALG_CLASS_DATA_ENCRYPT or ALG_TYPE_BLOCK or ALG_SID_3DES_112); 223 CALG_3DES = (ALG_CLASS_DATA_ENCRYPT or ALG_TYPE_BLOCK or ALG_SID_3DES); 224 CALG_RC2 = (ALG_CLASS_DATA_ENCRYPT or ALG_TYPE_BLOCK or ALG_SID_RC2); 225 CALG_RC4 = (ALG_CLASS_DATA_ENCRYPT or ALG_TYPE_STREAM or ALG_SID_RC4); 226 CALG_SEAL = (ALG_CLASS_DATA_ENCRYPT or ALG_TYPE_STREAM or ALG_SID_SEAL); 227 CALG_DH_SF = (ALG_CLASS_KEY_EXCHANGE or ALG_TYPE_DH or ALG_SID_DH_SANDF); 228 
CALG_DH_EPHEM = (ALG_CLASS_KEY_EXCHANGE or ALG_TYPE_DH or ALG_SID_DH_EPHEM); 229 CALG_AGREEDKEY_ANY = (ALG_CLASS_KEY_EXCHANGE or ALG_TYPE_DH or ALG_SID_AGREED_KEY_ANY); 230 CALG_KEA_KEYX = (ALG_CLASS_KEY_EXCHANGE or ALG_TYPE_DH or ALG_SID_KEA); 231 CALG_HUGHES_MD5 = (ALG_CLASS_KEY_EXCHANGE or ALG_TYPE_ANY or ALG_SID_MD5); 232 CALG_SKIPJACK = (ALG_CLASS_DATA_ENCRYPT or ALG_TYPE_BLOCK or ALG_SID_SKIPJACK); 233 CALG_TEK = (ALG_CLASS_DATA_ENCRYPT or ALG_TYPE_BLOCK or ALG_SID_TEK); 234 CALG_CYLINK_MEK = (ALG_CLASS_DATA_ENCRYPT or ALG_TYPE_BLOCK or ALG_SID_CYLINK_MEK); 235 CALG_SSL3_SHAMD5 = (ALG_CLASS_HASH or ALG_TYPE_ANY or ALG_SID_SSL3SHAMD5); 236 CALG_SSL3_MASTER = (ALG_CLASS_MSG_ENCRYPT or ALG_TYPE_SECURECHANNEL or ALG_SID_SSL3_MASTER); 237 CALG_SCHANNEL_MASTER_HASH = (ALG_CLASS_MSG_ENCRYPT or ALG_TYPE_SECURECHANNEL or ALG_SID_SCHANNEL_MASTER_HASH); 238 CALG_SCHANNEL_MAC_KEY = (ALG_CLASS_MSG_ENCRYPT or ALG_TYPE_SECURECHANNEL or ALG_SID_SCHANNEL_MAC_KEY); 239 CALG_SCHANNEL_ENC_KEY = (ALG_CLASS_MSG_ENCRYPT or ALG_TYPE_SECURECHANNEL or ALG_SID_SCHANNEL_ENC_KEY); 240 CALG_PCT1_MASTER = (ALG_CLASS_MSG_ENCRYPT or ALG_TYPE_SECURECHANNEL or ALG_SID_PCT1_MASTER); 241 CALG_SSL2_MASTER = (ALG_CLASS_MSG_ENCRYPT or ALG_TYPE_SECURECHANNEL or ALG_SID_SSL2_MASTER); 242 CALG_TLS1_MASTER = (ALG_CLASS_MSG_ENCRYPT or ALG_TYPE_SECURECHANNEL or ALG_SID_TLS1_MASTER); 243 CALG_RC5 = (ALG_CLASS_DATA_ENCRYPT or ALG_TYPE_BLOCK or ALG_SID_RC5); 244 CALG_HMAC = (ALG_CLASS_HASH or ALG_TYPE_ANY or ALG_SID_HMAC); 245 246type 247 PVTableProvStruc = ^VTableProvStruc; 248 VTableProvStruc = record 249 Version :DWORD; 250 FuncVerifyImage :TFarProc; 251 FuncReturnhWnd :TFarProc; 252 dwProvType :DWORD; 253 pbContextInfo :PBYTE; 254 cbContextInfo :DWORD; 255end; 256 257//type HCRYPTPROV = ULONG; 258//type HCRYPTKEY = ULONG; 259//type HCRYPTHASH = ULONG; 260 261 262const 263 // dwFlags definitions for CryptAcquireContext 264 CRYPT_VERIFYCONTEXT = $F0000000; 265 CRYPT_NEWKEYSET = $00000008; 266 
CRYPT_DELETEKEYSET = $00000010; 267 CRYPT_MACHINE_KEYSET = $00000020; 268 269 // dwFlag definitions for CryptGenKey 270 CRYPT_EXPORTABLE = $00000001; 271 CRYPT_USER_PROTECTED = $00000002; 272 CRYPT_CREATE_SALT = $00000004; 273 CRYPT_UPDATE_KEY = $00000008; 274 CRYPT_NO_SALT = $00000010; 275 CRYPT_PREGEN = $00000040; 276 CRYPT_RECIPIENT = $00000010; 277 CRYPT_INITIATOR = $00000040; 278 CRYPT_ONLINE = $00000080; 279 CRYPT_SF = $00000100; 280 CRYPT_CREATE_IV = $00000200; 281 CRYPT_KEK = $00000400; 282 CRYPT_DATA_KEY = $00000800; 283 284 // dwFlags definitions for CryptDeriveKey 285 CRYPT_SERVER = $00000400; 286 287 KEY_LENGTH_MASK = $FFFF0000; 288 289 // dwFlag definitions for CryptExportKey 290 CRYPT_Y_ONLY = $00000001; 291 CRYPT_SSL2_SLUMMING = $00000002; 292 293 // dwFlags definitions for CryptHashSessionKey 294 CRYPT_LITTLE_ENDIAN = $00000001; 295 296 // dwFlag definitions for CryptSetProviderEx and CryptGetDefaultProvider 297 CRYPT_MACHINE_DEFAULT = $00000001; 298 CRYPT_USER_DEFAULT = $00000002; 299 CRYPT_DELETE_DEFAULT = $00000004; 300 301 // exported key blob definitions 302 SIMPLEBLOB = $1; 303 PUBLICKEYBLOB = $6; 304 PRIVATEKEYBLOB = $7; 305 PLAINTEXTKEYBLOB = $8; 306 AT_KEYEXCHANGE = 1; 307 AT_SIGNATURE = 2; 308 CRYPT_USERDATA = 1; 309 310 // dwParam 311 KP_IV = 1; // Initialization vector 312 KP_SALT = 2; // Salt value 313 KP_PADDING = 3; // Padding values 314 KP_MODE = 4; // Mode of the cipher 315 KP_MODE_BITS = 5; // Number of bits to feedback 316 KP_PERMISSIONS = 6; // Key permissions DWORD 317 KP_ALGID = 7; // Key algorithm 318 KP_BLOCKLEN = 8; // Block size of the cipher 319 KP_KEYLEN = 9; // Length of key in bits 320 KP_SALT_EX = 10; // Length of salt in bytes 321 KP_P = 11; // DSS/Diffie-Hellman P value 322 KP_G = 12; // DSS/Diffie-Hellman G value 323 KP_Q = 13; // DSS Q value 324 KP_X = 14; // Diffie-Hellman X value 325 KP_Y = 15; // Y value 326 KP_RA = 16; // Fortezza RA value 327 KP_RB = 17; // Fortezza RB value 328 KP_INFO = 18; // for putting 
information into an RSA envelope 329 KP_EFFECTIVE_KEYLEN = 19; // setting and getting RC2 effective key length 330 KP_SCHANNEL_ALG = 20; // for setting the Secure Channel algorithms 331 KP_CLIENT_RANDOM = 21; // for setting the Secure Channel client random data 332 KP_SERVER_RANDOM = 22; // for setting the Secure Channel server random data 333 KP_RP = 23; 334 KP_PRECOMP_MD5 = 24; 335 KP_PRECOMP_SHA = 25; 336 KP_CERTIFICATE = 26; // for setting Secure Channel certificate data (PCT1) 337 KP_CLEAR_KEY = 27; // for setting Secure Channel clear key data (PCT1) 338 KP_PUB_EX_LEN = 28; 339 KP_PUB_EX_VAL = 29; 340 341 // KP_PADDING 342 PKCS5_PADDING = 1; {PKCS 5 (sec 6.2) padding method} 343 RANDOM_PADDING = 2; 344 ZERO_PADDING = 3; 345 346 // KP_MODE 347 CRYPT_MODE_CBC = 1; // Cipher block chaining 348 CRYPT_MODE_ECB = 2; // Electronic code book 349 CRYPT_MODE_OFB = 3; // Output feedback mode 350 CRYPT_MODE_CFB = 4; // Cipher feedback mode 351 CRYPT_MODE_CTS = 5; // Ciphertext stealing mode 352 353 // KP_PERMISSIONS 354 CRYPT_ENCRYPT = $0001; // Allow encryption 355 CRYPT_DECRYPT = $0002; // Allow decryption 356 CRYPT_EXPORT = $0004; // Allow key to be exported 357 CRYPT_READ = $0008; // Allow parameters to be read 358 CRYPT_WRITE = $0010; // Allow parameters to be set 359 CRYPT_MAC = $0020; // Allow MACs to be used with key 360 CRYPT_EXPORT_KEY = $0040; // Allow key to be used for exporting keys 361 CRYPT_IMPORT_KEY = $0080; // Allow key to be used for importing keys 362 363 HP_ALGID = $0001; // Hash algorithm 364 HP_HASHVAL = $0002; // Hash value 365 HP_HASHSIZE = $0004; // Hash value size 366 367 HP_HMAC_INFO = $0005; // information for creating an HMAC 368 369 CRYPT_FAILED = FALSE; 370 CRYPT_SUCCEED = TRUE; 371 372function RCRYPT_SUCCEEDED(rt:BOOL):BOOL; 373function RCRYPT_FAILED(rt:BOOL):BOOL; 374 375const 376 // CryptGetProvParam 377 PP_ENUMALGS = 1; 378 PP_ENUMCONTAINERS = 2; 379 PP_IMPTYPE = 3; 380 PP_NAME = 4; 381 PP_VERSION = 5; 382 PP_CONTAINER = 6; 383 
PP_CHANGE_PASSWORD = 7; 384 PP_KEYSET_SEC_DESCR = 8; // get/set security descriptor of keyset 385 PP_CERTCHAIN = 9; // for retrieving certificates from tokens 386 PP_KEY_TYPE_SUBTYPE = 10; 387 PP_PROVTYPE = 16; 388 PP_KEYSTORAGE = 17; 389 PP_APPLI_CERT = 18; 390 PP_SYM_KEYSIZE = 19; 391 PP_SESSION_KEYSIZE = 20; 392 PP_UI_PROMPT = 21; 393 PP_ENUMALGS_EX = 22; 394 CRYPT_FIRST = 1; 395 CRYPT_NEXT = 2; 396 CRYPT_IMPL_HARDWARE = 1; 397 CRYPT_IMPL_SOFTWARE = 2; 398 CRYPT_IMPL_MIXED = 3; 399 CRYPT_IMPL_UNKNOWN = 4; 400 401 // key storage flags 402 CRYPT_SEC_DESCR = $00000001; 403 CRYPT_PSTORE = $00000002; 404 CRYPT_UI_PROMPT = $00000004; 405 406 // protocol flags 407 CRYPT_FLAG_PCT1 = $0001; 408 CRYPT_FLAG_SSL2 = $0002; 409 CRYPT_FLAG_SSL3 = $0004; 410 CRYPT_FLAG_TLS1 = $0008; 411 412 // CryptSetProvParam 413 PP_CLIENT_HWND = 1; 414 PP_CONTEXT_INFO = 11; 415 PP_KEYEXCHANGE_KEYSIZE = 12; 416 PP_SIGNATURE_KEYSIZE = 13; 417 PP_KEYEXCHANGE_ALG = 14; 418 PP_SIGNATURE_ALG = 15; 419 PP_DELETEKEY = 24; 420 421 PROV_RSA_FULL = 1; 422 PROV_RSA_SIG = 2; 423 PROV_DSS = 3; 424 PROV_FORTEZZA = 4; 425 PROV_MS_EXCHANGE = 5; 426 PROV_SSL = 6; 427 428PROV_RSA_SCHANNEL = 12; 429PROV_DSS_DH = 13; 430PROV_EC_ECDSA_SIG = 14; 431PROV_EC_ECNRA_SIG = 15; 432PROV_EC_ECDSA_FULL = 16; 433PROV_EC_ECNRA_FULL = 17; 434PROV_SPYRUS_LYNKS = 20; 435 436 437 // STT defined Providers 438 PROV_STT_MER = 7; 439 PROV_STT_ACQ = 8; 440 PROV_STT_BRND = 9; 441 PROV_STT_ROOT = 10; 442 PROV_STT_ISS = 11; 443 444 // Provider friendly names 445 MS_DEF_PROV_A = 'Microsoft Base Cryptographic Provider v1.0'; 446 {$IFNDEF VER90} 447 MS_DEF_PROV_W = WideString( 'Microsoft Base Cryptographic Provider v1.0'); 448 {$ELSE} 449 MS_DEF_PROV_W = ( 'Microsoft Base Cryptographic Provider v1.0'); 450 {$ENDIF} 451 452{$IFDEF UNICODE} 453 MS_DEF_PROV = MS_DEF_PROV_W; 454{$ELSE} 455 MS_DEF_PROV = MS_DEF_PROV_A; 456{$ENDIF} 457 458 MS_ENHANCED_PROV_A = 'Microsoft Enhanced Cryptographic Provider v1.0'; 459 {$IFNDEF VER90} 460 
// Wide form of the Enhanced provider name.  Compilers other than VER90
// (Delphi 2) get a WideString typed constant; VER90 gets a plain string
// constant instead.  The unsuffixed MS_*_PROV name below then resolves to
// the _W or _A variant according to the UNICODE define, mirroring the
// LPAWSTR alias at the top of this unit.
   MS_ENHANCED_PROV_W = WideString('Microsoft Enhanced Cryptographic Provider v1.0');
  {$ELSE}
   MS_ENHANCED_PROV_W = ('Microsoft Enhanced Cryptographic Provider v1.0');
  {$ENDIF}

{$IFDEF UNICODE}
  MS_ENHANCED_PROV = MS_ENHANCED_PROV_W;
{$ELSE}
  MS_ENHANCED_PROV = MS_ENHANCED_PROV_A;
{$ENDIF}

  // RSA signature-only provider (cf. PROV_RSA_SIG above).
  MS_DEF_RSA_SIG_PROV_A = 'Microsoft RSA Signature Cryptographic Provider';
  {$IFNDEF VER90}
   MS_DEF_RSA_SIG_PROV_W = WideString('Microsoft RSA Signature Cryptographic Provider');
  {$ELSE}
   MS_DEF_RSA_SIG_PROV_W = ('Microsoft RSA Signature Cryptographic Provider');
  {$ENDIF}

{$IFDEF UNICODE}
  MS_DEF_RSA_SIG_PROV = MS_DEF_RSA_SIG_PROV_W;
{$ELSE}
  MS_DEF_RSA_SIG_PROV = MS_DEF_RSA_SIG_PROV_A;
{$ENDIF}

  // Base RSA Secure Channel provider (cf. PROV_RSA_SCHANNEL above).
  MS_DEF_RSA_SCHANNEL_PROV_A = 'Microsoft Base RSA SChannel Cryptographic Provider';
  {$IFNDEF VER90}
   MS_DEF_RSA_SCHANNEL_PROV_W = WideString('Microsoft Base RSA SChannel Cryptographic Provider');
  {$ELSE}
   MS_DEF_RSA_SCHANNEL_PROV_W = ('Microsoft Base RSA SChannel Cryptographic Provider');
  {$ENDIF}

{$IFDEF UNICODE}
  MS_DEF_RSA_SCHANNEL_PROV = MS_DEF_RSA_SCHANNEL_PROV_W;
{$ELSE}
  MS_DEF_RSA_SCHANNEL_PROV = MS_DEF_RSA_SCHANNEL_PROV_A;
{$ENDIF}

  // Enhanced RSA Secure Channel provider.
  MS_ENHANCED_RSA_SCHANNEL_PROV_A = 'Microsoft Enhanced RSA SChannel Cryptographic Provider';
  {$IFNDEF VER90}
   MS_ENHANCED_RSA_SCHANNEL_PROV_W = WideString('Microsoft Enhanced RSA SChannel Cryptographic Provider');
  {$ELSE}
   MS_ENHANCED_RSA_SCHANNEL_PROV_W = ('Microsoft Enhanced RSA SChannel Cryptographic Provider');
  {$ENDIF}

{$IFDEF UNICODE}
  MS_ENHANCED_RSA_SCHANNEL_PROV = MS_ENHANCED_RSA_SCHANNEL_PROV_W;
{$ELSE}
  MS_ENHANCED_RSA_SCHANNEL_PROV = MS_ENHANCED_RSA_SCHANNEL_PROV_A;
{$ENDIF}

  // Base DSS provider (cf. PROV_DSS above).
  MS_DEF_DSS_PROV_A = 'Microsoft Base DSS Cryptographic Provider';
  {$IFNDEF VER90}
   MS_DEF_DSS_PROV_W = WideString('Microsoft Base DSS Cryptographic Provider');
  {$ELSE}
   MS_DEF_DSS_PROV_W = ('Microsoft Base DSS Cryptographic Provider');
  {$ENDIF}

{$IFDEF UNICODE}
  MS_DEF_DSS_PROV = MS_DEF_DSS_PROV_W;
{$ELSE}
  MS_DEF_DSS_PROV = MS_DEF_DSS_PROV_A;
{$ENDIF}

  // Base DSS + Diffie-Hellman provider (cf. PROV_DSS_DH above).
  MS_DEF_DSS_DH_PROV_A = 'Microsoft Base DSS and Diffie-Hellman Cryptographic Provider';
  {$IFNDEF VER90}
   MS_DEF_DSS_DH_PROV_W = WideString('Microsoft Base DSS and Diffie-Hellman Cryptographic Provider');
  {$ELSE}
   MS_DEF_DSS_DH_PROV_W = ('Microsoft Base DSS and Diffie-Hellman Cryptographic Provider');
  {$ENDIF}

{$IFDEF UNICODE}
  MS_DEF_DSS_DH_PROV = MS_DEF_DSS_DH_PROV_W;
{$ELSE}
  MS_DEF_DSS_DH_PROV = MS_DEF_DSS_DH_PROV_A;
{$ENDIF}

  MAXUIDLEN = 64;
  // Presumably the blob-format version expected in PUBLICKEYSTRUC.bVersion
  // (declared below) - confirm against wincrypt.h.
  CUR_BLOB_VERSION = 2;

// HMAC_INFO: structure for use with CryptSetHashParam on a CALG_HMAC hash
// (the HP_HMAC_INFO hash parameter above is documented as "information for
// creating an HMAC").  Each pb*/cb* pair is a byte pointer with its length
// in bytes; the inner/outer strings are presumably the HMAC pad values,
// with zero-length pairs selecting the defaults - confirm against wincrypt.h.
type
  PHMAC_INFO = ^HMAC_INFO;
  HMAC_INFO = record
    HashAlgid     :ALG_ID;  // underlying hash algorithm
    pbInnerString :PBYTE;
    cbInnerString :DWORD;   // length of pbInnerString in bytes
    pbOuterString :PBYTE;
    cbOuterString :DWORD;   // length of pbOuterString in bytes
  end;

// SCHANNEL_ALG: describes one Secure Channel algorithm selection.  It is
// presumably the payload of the KP_SCHANNEL_ALG key parameter declared
// above ("for setting the Secure Channel algorithms") - confirm against
// wincrypt.h.  dwUse takes one of the SCHANNEL_* constants that follow.
type
  PSCHANNEL_ALG = ^SCHANNEL_ALG;
  SCHANNEL_ALG = record
    dwUse :DWORD;   // SCHANNEL_MAC_KEY or SCHANNEL_ENC_KEY
    Algid :ALG_ID;  // algorithm to use for that purpose
    cBits :DWORD;   // key size in bits
  end;

// Uses of algorithms for the SCHANNEL_ALG structure (values of dwUse).
const
  SCHANNEL_MAC_KEY = $00000000;
  SCHANNEL_ENC_KEY = $00000001;

// PROV_ENUMALGS: one entry returned by CryptGetProvParam(PP_ENUMALGS).
// NOTE(review): szName is a fixed 20-Char buffer while dwNameLen is a
// separate, provider-reported count.  Bound any string handling by the
// array size rather than by dwNameLen alone.
type
  PPROV_ENUMALGS = ^PROV_ENUMALGS;
  PROV_ENUMALGS = record
    aiAlgid   :ALG_ID;
    dwBitLen  :DWORD;
    dwNameLen :DWORD;                  // reported length of szName
    szName    :array[0..20-1] of Char; // fixed-size name buffer
  end;

// PROV_ENUMALGS_EX: extended entry returned by
// CryptGetProvParam(PP_ENUMALGS_EX).  The same caveat as for PROV_ENUMALGS
// applies to both szName (20 Chars) and szLongName (40 Chars).
type
  PPROV_ENUMALGS_EX = ^PROV_ENUMALGS_EX;
  PROV_ENUMALGS_EX = record
    aiAlgid       :ALG_ID;
    dwDefaultLen  :DWORD;                  // default key length in bits
    dwMinLen      :DWORD;                  // minimum key length in bits
    dwMaxLen      :DWORD;                  // maximum key length in bits
    dwProtocols   :DWORD;                  // CRYPT_FLAG_* protocol flags (see above)
    dwNameLen     :DWORD;                  // reported length of szName
    szName        :array[0..20-1] of Char; // fixed-size short name
    dwLongNameLen :DWORD;                  // reported length of szLongName
    szLongName    :array[0..40-1] of Char; // fixed-size long name
  end;

// PUBLICKEYSTRUC: header that starts every exported key blob (aliased as
// BLOBHEADER further down).  bType is expected to be one of the exported
// key blob constants declared above (SIMPLEBLOB, PUBLICKEYBLOB,
// PRIVATEKEYBLOB, PLAINTEXTKEYBLOB) - confirm against wincrypt.h.
type
  PPUBLICKEYSTRUC = ^PUBLICKEYSTRUC;
  PUBLICKEYSTRUC = record
    bType    :BYTE;   // blob type
    bVersion :BYTE;   // blob format version (see CUR_BLOB_VERSION)
    reserved :Word;   // must be zero
    aiKeyAlg :ALG_ID; // algorithm of the key carried in the blob
  end;
597type 598 BLOBHEADER = PUBLICKEYSTRUC; 599 PBLOBHEADER = ^BLOBHEADER; 600 601type 602 PRSAPUBKEY = ^RSAPUBKEY; 603 RSAPUBKEY = record 604 magic :DWORD; // Has to be RSA1 605 bitlen :DWORD; // # of bits in modulus 606 pubexp :DWORD; // public exponent 607 // Modulus data follows 608 end; 609 610type 611 PPUBKEY = ^PUBKEY; 612 PUBKEY = record 613 magic :DWORD; 614 bitlen :DWORD; // # of bits in modulus 615 end; 616 617type 618 DHPUBKEY = PUBKEY; 619 DSSPUBKEY = PUBKEY; 620 KEAPUBKEY = PUBKEY; 621 TEKPUBKEY = PUBKEY; 622 623 624type 625 PDSSSEED = ^DSSSEED; 626 DSSSEED = record 627 counter :DWORD; 628 seed :array[0..20-1] of BYTE; 629 end; 630 631type 632 PKEY_TYPE_SUBTYPE = ^KEY_TYPE_SUBTYPE; 633 KEY_TYPE_SUBTYPE = record 634 dwKeySpec :DWORD; 635 Type_ :TGUID; {conflict with base Delphi type: original name 'Type'} 636 Subtype :TGUID; 637 end; 638 639type 640 HCRYPTPROV = ULONG; 641 PHCRYPTPROV = ^HCRYPTPROV; 642 HCRYPTKEY = ULONG; 643 PHCRYPTKEY = ^HCRYPTKEY; 644 HCRYPTHASH = ULONG; 645 PHCRYPTHASH = ^HCRYPTHASH; 646 647function CryptAcquireContextA(phProv :PHCRYPTPROV; 648 pszContainer :PAnsiChar; 649 pszProvider :PAnsiChar; 650 dwProvType :DWORD; 651 dwFlags :DWORD) :BOOL;stdcall; 652 653function CryptAcquireContext(phProv :PHCRYPTPROV; 654 pszContainer :LPAWSTR; 655 pszProvider :LPAWSTR; 656 dwProvType :DWORD; 657 dwFlags :DWORD) :BOOL;stdcall; 658 659function CryptAcquireContextW(phProv :PHCRYPTPROV; 660 pszContainer :PWideChar; 661 pszProvider :PWideChar; 662 dwProvType :DWORD; 663 dwFlags :DWORD) :BOOL ;stdcall; 664 665 666function CryptReleaseContext(hProv :HCRYPTPROV; 667 dwFlags :DWORD) :BOOL;stdcall; 668 669 670 671function CryptGenKey(hProv :HCRYPTPROV; 672 Algid :ALG_ID; 673 dwFlags :DWORD; 674 phKey :PHCRYPTKEY) :BOOL;stdcall ; 675 676 677function CryptDeriveKey(hProv :HCRYPTPROV; 678 Algid :ALG_ID; 679 hBaseData :HCRYPTHASH; 680 dwFlags :DWORD; 681 phKey :PHCRYPTKEY) :BOOL;stdcall ; 682 683 684 685function CryptDestroyKey(hKey :HCRYPTKEY) 
:BOOL;stdcall ; 686 687 688function CryptSetKeyParam(hKey :HCRYPTKEY; 689 dwParam :DWORD; 690 pbData :PBYTE; 691 dwFlags :DWORD) :BOOL;stdcall; 692 693 694function CryptGetKeyParam(hKey :HCRYPTKEY; 695 dwParam :DWORD; 696 pbData :PBYTE; 697 pdwDataLen :PDWORD; 698 dwFlags :DWORD) :BOOL;stdcall; 699 700 701function CryptSetHashParam(hHash :HCRYPTHASH; 702 dwParam :DWORD; 703 pbData :PBYTE; 704 dwFlags :DWORD) :BOOL;stdcall; 705 706 707function CryptGetHashParam(hHash :HCRYPTHASH; 708 dwParam :DWORD; 709 pbData :PBYTE; 710 pdwDataLen :PDWORD; 711 dwFlags :DWORD) :BOOL;stdcall; 712 713 714function CryptSetProvParam(hProv :HCRYPTPROV; 715 dwParam :DWORD; 716 pbData :PBYTE; 717 dwFlags :DWORD) :BOOL;stdcall; 718 719 720function CryptGetProvParam(hProv :HCRYPTPROV; 721 dwParam :DWORD; 722 pbData :PBYTE; 723 pdwDataLen :PDWORD; 724 dwFlags :DWORD) :BOOL;stdcall; 725 726 727function CryptGenRandom(hProv :HCRYPTPROV; 728 dwLen :DWORD; 729 pbBuffer :PBYTE) :BOOL;stdcall; 730 731 732function CryptGetUserKey(hProv :HCRYPTPROV; 733 dwKeySpec :DWORD; 734 phUserKey :PHCRYPTKEY) :BOOL;stdcall; 735 736 737function CryptExportKey(hKey :HCRYPTKEY; 738 hExpKey :HCRYPTKEY; 739 dwBlobType :DWORD; 740 dwFlags :DWORD; 741 pbData :PBYTE; 742 pdwDataLen :PDWORD) :BOOL;stdcall; 743 744 745function CryptImportKey(hProv :HCRYPTPROV; 746 pbData :PBYTE; 747 dwDataLen :DWORD; 748 hPubKey :HCRYPTKEY; 749 dwFlags :DWORD; 750 phKey :PHCRYPTKEY) :BOOL;stdcall; 751 752 753function CryptEncrypt(hKey :HCRYPTKEY; 754 hHash :HCRYPTHASH; 755 Final :BOOL; 756 dwFlags :DWORD; 757 pbData :PBYTE; 758 pdwDataLen :PDWORD; 759 dwBufLen :DWORD) :BOOL;stdcall; 760 761 762function CryptDecrypt(hKey :HCRYPTKEY; 763 hHash :HCRYPTHASH; 764 Final :BOOL; 765 dwFlags :DWORD; 766 pbData :PBYTE; 767 pdwDataLen :PDWORD) :BOOL;stdcall; 768 769 770function CryptCreateHash(hProv :HCRYPTPROV; 771 Algid :ALG_ID; 772 hKey :HCRYPTKEY; 773 dwFlags :DWORD; 774 phHash :PHCRYPTHASH) :BOOL;stdcall; 775 776 777function 
CryptHashData(hHash :HCRYPTHASH; 778 const pbData :PBYTE; 779 dwDataLen :DWORD; 780 dwFlags :DWORD) :BOOL;stdcall; 781 782 783function CryptHashSessionKey(hHash :HCRYPTHASH; 784 hKey :HCRYPTKEY; 785 dwFlags :DWORD) :BOOL;stdcall; 786 787 788function CryptDestroyHash(hHash :HCRYPTHASH) :BOOL;stdcall; 789 790 791function CryptSignHashA(hHash :HCRYPTHASH; 792 dwKeySpec :DWORD; 793 sDescription :PAnsiChar; 794 dwFlags :DWORD; 795 pbSignature :PBYTE; 796 pdwSigLen :PDWORD) :BOOL;stdcall; 797 798 799function CryptSignHash(hHash :HCRYPTHASH; 800 dwKeySpec :DWORD; 801 sDescription :LPAWSTR; 802 dwFlags :DWORD; 803 pbSignature :PBYTE; 804 pdwSigLen :PDWORD) :BOOL;stdcall; 805 806function CryptSignHashW(hHash :HCRYPTHASH; 807 dwKeySpec :DWORD; 808 sDescription :PWideChar; 809 dwFlags :DWORD; 810 pbSignature :PBYTE; 811 pdwSigLen :PDWORD) :BOOL;stdcall; 812 813function CryptSignHashU(hHash :HCRYPTHASH; 814 dwKeySpec :DWORD; 815 sDescription :PWideChar; 816 dwFlags :DWORD; 817 pbSignature :PBYTE; 818 pdwSigLen :PDWORD) :BOOL;stdcall; 819 820function CryptVerifySignatureA(hHash :HCRYPTHASH; 821 const pbSignature :PBYTE; 822 dwSigLen :DWORD; 823 hPubKey :HCRYPTKEY; 824 sDescription :PAnsiChar; 825 dwFlags :DWORD) :BOOL;stdcall; 826 827function CryptVerifySignature(hHash :HCRYPTHASH; 828 const pbSignature :PBYTE; 829 dwSigLen :DWORD; 830 hPubKey :HCRYPTKEY; 831 sDescription :LPAWSTR; 832 dwFlags :DWORD) :BOOL;stdcall; 833 834 835function CryptVerifySignatureW(hHash :HCRYPTHASH; 836 const pbSignature :PBYTE; 837 dwSigLen :DWORD; 838 hPubKey :HCRYPTKEY; 839 sDescription :PWideChar; 840 dwFlags :DWORD) :BOOL;stdcall; 841 842 843function CryptSetProviderA(pszProvName :PAnsiChar; 844 dwProvType :DWORD) :BOOL;stdcall; 845 846function CryptSetProvider(pszProvName :LPAWSTR; 847 dwProvType :DWORD) :BOOL;stdcall; 848 849function CryptSetProviderW(pszProvName :PWideChar; 850 dwProvType :DWORD) :BOOL;stdcall; 851 852function CryptSetProviderU(pszProvName :PWideChar; 853 dwProvType :DWORD) 
:BOOL;stdcall; 854 855{$IFDEF NT5} 856 857function CryptSetProviderExA(pszProvName :LPCSTR; 858 dwProvType :DWORD; 859 pdwReserved :PDWORD; 860 dwFlags :DWORD):BOOL;stdcall; 861 862function CryptSetProviderExW(pszProvName :LPCWSTR; 863 dwProvType :DWORD; 864 pdwReserved :PDWORD; 865 dwFlags :DWORD):BOOL;stdcall; 866 867function CryptSetProviderEx(pszProvName :LPAWSTR; 868 dwProvType :DWORD; 869 pdwReserved :PDWORD; 870 dwFlags :DWORD):BOOL;stdcall; 871 872 873function CryptGetDefaultProviderA(dwProvType :DWORD; 874 pdwReserved :DWORD; 875 dwFlags :DWORD; 876 pszProvName :LPSTR; 877 pcbProvName :PDWORD):BOOL ; stdcall; 878 879function CryptGetDefaultProviderW(dwProvType :DWORD; 880 pdwReserved :DWORD; 881 dwFlags :DWORD; 882 pszProvName :LPWSTR; 883 pcbProvName :PDWORD):BOOL ; stdcall; 884 885function CryptGetDefaultProvider(dwProvType :DWORD; 886 pdwReserved :DWORD; 887 dwFlags :DWORD; 888 pszProvName :LPAWSTR; 889 pcbProvName :PDWORD):BOOL ; stdcall; 890 891function CryptEnumProviderTypesA(dwIndex :DWORD; 892 pdwReserved :PDWORD; 893 dwFlags :DWORD; 894 pdwProvType :PDWORD; 895 pszTypeName :LPSTR; 896 pcbTypeName :PDWORD):BOOL ; stdcall; 897 898function CryptEnumProviderTypesW(dwIndex :DWORD; 899 pdwReserved :PDWORD; 900 dwFlags :DWORD; 901 pdwProvType :PDWORD; 902 pszTypeName :LPWSTR; 903 pcbTypeName :PDWORD):BOOL ; stdcall; 904 905function CryptEnumProviderTypes(dwIndex :DWORD; 906 pdwReserved :PDWORD; 907 dwFlags :DWORD; 908 pdwProvType :PDWORD; 909 pszTypeName :LPAWSTR; 910 pcbTypeName :PDWORD):BOOL ; stdcall; 911 912function CryptEnumProvidersA(dwIndex :DWORD; 913 pdwReserved :PDWORD; 914 dwFlags :DWORD; 915 pdwProvType :PDWORD; 916 pszProvName :LPSTR; 917 pcbProvName :PDWORD):BOOL ; stdcall; 918 919function CryptEnumProvidersW(dwIndex :DWORD; 920 pdwReserved :PDWORD; 921 dwFlags :DWORD; 922 pdwProvType :PDWORD; 923 pszProvName :LPWSTR; 924 pcbProvName :PDWORD):BOOL ; stdcall; 925 926function CryptEnumProviders(dwIndex :DWORD; 927 pdwReserved :PDWORD; 928 
dwFlags :DWORD; 929 pdwProvType :PDWORD; 930 pszProvName :LPAWSTR; 931 pcbProvName :PDWORD):BOOL ; stdcall; 932 933function CryptContextAddRef(hProv :HCRYPTPROV; 934 pdwReserved :PDWORD; 935 dwFlags :DWORD):BOOL ; stdcall; 936 937function CryptDuplicateKey(hKey :HCRYPTKEY; 938 pdwReserved :PDWORD; 939 dwFlags :DWORD; 940 phKey :PHCRYPTKEY):BOOL ; stdcall; 941 942function CryptDuplicateHash(hHash :HCRYPTHASH; 943 pdwReserved :PDWORD; 944 dwFlags :DWORD; 945 phHash :PHCRYPTHASH):BOOL ; stdcall; 946 947{$ENDIF NT5} 948 949function CryptEnumProvidersU(dwIndex :DWORD; 950 pdwReserved :PDWORD; 951 dwFlags :DWORD; 952 pdwProvType :PDWORD; 953 pszProvName :LPWSTR; 954 pcbProvName :PDWORD):BOOL ; stdcall; 955 956//+------------------------------------------------------------------------- 957// CRYPTOAPI BLOB definitions 958//-------------------------------------------------------------------------- 959 960type 961 PCRYPTOAPI_BLOB = ^CRYPTOAPI_BLOB; 962 CRYPTOAPI_BLOB = record 963 cbData :DWORD; 964 pbData :PBYTE; 965 end; 966 967type 968 CRYPT_INTEGER_BLOB = CRYPTOAPI_BLOB; 969 PCRYPT_INTEGER_BLOB = ^CRYPT_INTEGER_BLOB; 970 CRYPT_UINT_BLOB = CRYPTOAPI_BLOB; 971 PCRYPT_UINT_BLOB = ^CRYPT_UINT_BLOB; 972 CRYPT_OBJID_BLOB = CRYPTOAPI_BLOB; 973 PCRYPT_OBJID_BLOB = ^CRYPT_OBJID_BLOB; 974 CERT_NAME_BLOB = CRYPTOAPI_BLOB; 975 PCERT_NAME_BLOB = ^CERT_NAME_BLOB; 976 CERT_RDN_VALUE_BLOB = CRYPTOAPI_BLOB; 977 PCERT_RDN_VALUE_BLOB = ^CERT_RDN_VALUE_BLOB; 978 CERT_BLOB = CRYPTOAPI_BLOB; 979 PCERT_BLOB = ^CERT_BLOB; 980 CRL_BLOB = CRYPTOAPI_BLOB; 981 PCRL_BLOB = ^CRL_BLOB; 982 DATA_BLOB = CRYPTOAPI_BLOB; 983 PDATA_BLOB = ^DATA_BLOB; // JEFFJEFF temporary (too generic) 984 CRYPT_DATA_BLOB = CRYPTOAPI_BLOB; 985 PCRYPT_DATA_BLOB = ^CRYPT_DATA_BLOB; 986 CRYPT_HASH_BLOB = CRYPTOAPI_BLOB; 987 PCRYPT_HASH_BLOB = ^CRYPT_HASH_BLOB; 988 CRYPT_DIGEST_BLOB = CRYPTOAPI_BLOB; 989 PCRYPT_DIGEST_BLOB = ^CRYPT_DIGEST_BLOB; 990 CRYPT_DER_BLOB = CRYPTOAPI_BLOB; 991 PCRYPT_DER_BLOB = ^CRYPT_DER_BLOB; 992 
// Last of the CRYPTOAPI_BLOB aliases (this type section begins earlier in
// the unit): attribute values are plain length-prefixed byte blobs.
  CRYPT_ATTR_BLOB = CRYPTOAPI_BLOB;
  PCRYPT_ATTR_BLOB = ^CRYPT_ATTR_BLOB;

//+-------------------------------------------------------------------------
// CRYPT_BIT_BLOB: a bit string.  The last byte may contain 0-7 unused bits,
// so the overall bit length is cbData * 8 - cUnusedBits.
// NOTE(review): all three fields are unsigned.  Code consuming decoded
// data should reject cUnusedBits > 7, and a non-zero cUnusedBits when
// cbData = 0, before evaluating that formula; otherwise the DWORD
// subtraction wraps around.
//--------------------------------------------------------------------------
type
  PCRYPT_BIT_BLOB = ^CRYPT_BIT_BLOB;
  CRYPT_BIT_BLOB = record
    cbData      :DWORD;  // number of bytes at pbData
    pbData      :PBYTE;
    cUnusedBits :DWORD;  // trailing bits of the last byte that are not part of the string
  end;

//+-------------------------------------------------------------------------
// CRYPT_ALGORITHM_IDENTIFIER: type used for any algorithm.
//
// pszObjId is the dotted-decimal object identifier as a NUL-terminated
// ANSI string (LPSTR); the szOID_* constants below are the values it is
// compared against.  Parameters holds the algorithm parameters in their
// encoded representation; for most algorithm types it is empty
// (Parameters.cbData = 0).
//--------------------------------------------------------------------------
type
  PCRYPT_ALGORITHM_IDENTIFIER = ^CRYPT_ALGORITHM_IDENTIFIER;
  CRYPT_ALGORITHM_IDENTIFIER = record
    pszObjId   :LPSTR;            // algorithm OID, e.g. szOID_RSA_SHA1RSA
    Parameters :CRYPT_OBJID_BLOB; // encoded parameters, usually empty
  end;

// Following are the definitions of various algorithm object identifiers.
//
// RSA (PKCS) arc.
// NOTE(review): the MD2-, MD4- and MD5-with-RSA signature OIDs below are
// needed to recognise and decode existing certificates and messages; treat
// them as identifiers to match on, not as signature algorithms to select
// for new signatures.
const
  szOID_RSA         = '1.2.840.113549';
  szOID_PKCS        = '1.2.840.113549.1';
  szOID_RSA_HASH    = '1.2.840.113549.2';
  szOID_RSA_ENCRYPT = '1.2.840.113549.3';

  // PKCS #1 .. PKCS #10 standard arcs
  szOID_PKCS_1  = '1.2.840.113549.1.1';
  szOID_PKCS_2  = '1.2.840.113549.1.2';
  szOID_PKCS_3  = '1.2.840.113549.1.3';
  szOID_PKCS_4  = '1.2.840.113549.1.4';
  szOID_PKCS_5  = '1.2.840.113549.1.5';
  szOID_PKCS_6  = '1.2.840.113549.1.6';
  szOID_PKCS_7  = '1.2.840.113549.1.7';
  szOID_PKCS_8  = '1.2.840.113549.1.8';
  szOID_PKCS_9  = '1.2.840.113549.1.9';
  szOID_PKCS_10 = '1.2.840.113549.1.10';

  // PKCS #1 key and signature algorithms
  szOID_RSA_RSA    = '1.2.840.113549.1.1.1'; // rsaEncryption (RSA public key)
  szOID_RSA_MD2RSA = '1.2.840.113549.1.1.2'; // md2WithRSAEncryption (legacy)
  szOID_RSA_MD4RSA = '1.2.840.113549.1.1.3'; // md4WithRSAEncryption (legacy)
  szOID_RSA_MD5RSA = '1.2.840.113549.1.1.4'; // md5WithRSAEncryption (legacy)
szOID_RSA_SHA1RSA = '1.2.840.113549.1.1.5'; 1046 szOID_RSA_SETOAEP_RSA = '1.2.840.113549.1.1.6'; 1047 1048 szOID_RSA_data = '1.2.840.113549.1.7.1'; 1049 szOID_RSA_signedData = '1.2.840.113549.1.7.2'; 1050 szOID_RSA_envelopedData = '1.2.840.113549.1.7.3'; 1051 szOID_RSA_signEnvData = '1.2.840.113549.1.7.4'; 1052 szOID_RSA_digestedData = '1.2.840.113549.1.7.5'; 1053 szOID_RSA_hashedData = '1.2.840.113549.1.7.5'; 1054 szOID_RSA_encryptedData = '1.2.840.113549.1.7.6'; 1055 1056 szOID_RSA_emailAddr = '1.2.840.113549.1.9.1'; 1057 szOID_RSA_unstructName = '1.2.840.113549.1.9.2'; 1058 szOID_RSA_contentType = '1.2.840.113549.1.9.3'; 1059 szOID_RSA_messageDigest = '1.2.840.113549.1.9.4'; 1060 szOID_RSA_signingTime = '1.2.840.113549.1.9.5'; 1061 szOID_RSA_counterSign = '1.2.840.113549.1.9.6'; 1062 szOID_RSA_challengePwd = '1.2.840.113549.1.9.7'; 1063 szOID_RSA_unstructAddr = '1.2.840.113549.1.9.8'; 1064 szOID_RSA_extCertAttrs = '1.2.840.113549.1.9.9'; 1065 szOID_RSA_SMIMECapabilities = '1.2.840.113549.1.9.15'; 1066 szOID_RSA_preferSignedData = '1.2.840.113549.1.9.15.1'; 1067 1068 szOID_RSA_MD2 = '1.2.840.113549.2.2'; 1069 szOID_RSA_MD4 = '1.2.840.113549.2.4'; 1070 szOID_RSA_MD5 = '1.2.840.113549.2.5'; 1071 1072 szOID_RSA_RC2CBC = '1.2.840.113549.3.2'; 1073 szOID_RSA_RC4 = '1.2.840.113549.3.4'; 1074 szOID_RSA_DES_EDE3_CBC = '1.2.840.113549.3.7'; 1075 szOID_RSA_RC5_CBCPad = '1.2.840.113549.3.9'; 1076 1077// ITU-T UsefulDefinitions 1078 szOID_DS = '2.5'; 1079 szOID_DSALG = '2.5.8'; 1080 szOID_DSALG_CRPT = '2.5.8.1'; 1081 szOID_DSALG_HASH = '2.5.8.2'; 1082 szOID_DSALG_SIGN = '2.5.8.3'; 1083 szOID_DSALG_RSA = '2.5.8.1.1'; 1084 1085// NIST OSE Implementors' Workshop (OIW) 1086// http://nemo.ncsl.nist.gov/oiw/agreements/stable/OSI/12s_9506.w51 1087// http://nemo.ncsl.nist.gov/oiw/agreements/working/OSI/12w_9503.w51 1088 szOID_OIW = '1.3.14'; 1089// NIST OSE Implementors' Workshop (OIW) Security SIG algorithm identifiers 1090 szOID_OIWSEC = '1.3.14.3.2'; 1091 szOID_OIWSEC_md4RSA = 
'1.3.14.3.2.2'; 1092 szOID_OIWSEC_md5RSA = '1.3.14.3.2.3'; 1093 szOID_OIWSEC_md4RSA2 = '1.3.14.3.2.4'; 1094 szOID_OIWSEC_desECB = '1.3.14.3.2.6'; 1095 szOID_OIWSEC_desCBC = '1.3.14.3.2.7'; 1096 szOID_OIWSEC_desOFB = '1.3.14.3.2.8'; 1097 szOID_OIWSEC_desCFB = '1.3.14.3.2.9'; 1098 szOID_OIWSEC_desMAC = '1.3.14.3.2.10'; 1099 szOID_OIWSEC_rsaSign = '1.3.14.3.2.11'; 1100 szOID_OIWSEC_dsa = '1.3.14.3.2.12'; 1101 szOID_OIWSEC_shaDSA = '1.3.14.3.2.13'; 1102 szOID_OIWSEC_mdc2RSA = '1.3.14.3.2.14'; 1103 szOID_OIWSEC_shaRSA = '1.3.14.3.2.15'; 1104 szOID_OIWSEC_dhCommMod = '1.3.14.3.2.16'; 1105 szOID_OIWSEC_desEDE = '1.3.14.3.2.17'; 1106 szOID_OIWSEC_sha = '1.3.14.3.2.18'; 1107 szOID_OIWSEC_mdc2 = '1.3.14.3.2.19'; 1108 szOID_OIWSEC_dsaComm = '1.3.14.3.2.20'; 1109 szOID_OIWSEC_dsaCommSHA = '1.3.14.3.2.21'; 1110 szOID_OIWSEC_rsaXchg = '1.3.14.3.2.22'; 1111 szOID_OIWSEC_keyHashSeal = '1.3.14.3.2.23'; 1112 szOID_OIWSEC_md2RSASign = '1.3.14.3.2.24'; 1113 szOID_OIWSEC_md5RSASign = '1.3.14.3.2.25'; 1114 szOID_OIWSEC_sha1 = '1.3.14.3.2.26'; 1115 szOID_OIWSEC_dsaSHA1 = '1.3.14.3.2.27'; 1116 szOID_OIWSEC_dsaCommSHA1 = '1.3.14.3.2.28'; 1117 szOID_OIWSEC_sha1RSASign = '1.3.14.3.2.29'; 1118// NIST OSE Implementors' Workshop (OIW) Directory SIG algorithm identifiers 1119 szOID_OIWDIR = '1.3.14.7.2'; 1120 szOID_OIWDIR_CRPT = '1.3.14.7.2.1'; 1121 szOID_OIWDIR_HASH = '1.3.14.7.2.2'; 1122 szOID_OIWDIR_SIGN = '1.3.14.7.2.3'; 1123 szOID_OIWDIR_md2 = '1.3.14.7.2.2.1'; 1124 szOID_OIWDIR_md2RSA = '1.3.14.7.2.3.1'; 1125 1126 1127// INFOSEC Algorithms 1128// joint-iso-ccitt(2) country(16) us(840) organization(1) us-government(101) dod(2) id-infosec(1) 1129 szOID_INFOSEC = '2.16.840.1.101.2.1'; 1130 szOID_INFOSEC_sdnsSignature = '2.16.840.1.101.2.1.1.1'; 1131 szOID_INFOSEC_mosaicSignature = '2.16.840.1.101.2.1.1.2'; 1132 szOID_INFOSEC_sdnsConfidentiality = '2.16.840.1.101.2.1.1.3'; 1133 szOID_INFOSEC_mosaicConfidentiality = '2.16.840.1.101.2.1.1.4'; 1134 szOID_INFOSEC_sdnsIntegrity = 
'2.16.840.1.101.2.1.1.5'; 1135 szOID_INFOSEC_mosaicIntegrity = '2.16.840.1.101.2.1.1.6'; 1136 szOID_INFOSEC_sdnsTokenProtection = '2.16.840.1.101.2.1.1.7'; 1137 szOID_INFOSEC_mosaicTokenProtection = '2.16.840.1.101.2.1.1.8'; 1138 szOID_INFOSEC_sdnsKeyManagement = '2.16.840.1.101.2.1.1.9'; 1139 szOID_INFOSEC_mosaicKeyManagement = '2.16.840.1.101.2.1.1.10'; 1140 szOID_INFOSEC_sdnsKMandSig = '2.16.840.1.101.2.1.1.11'; 1141 szOID_INFOSEC_mosaicKMandSig = '2.16.840.1.101.2.1.1.12'; 1142 szOID_INFOSEC_SuiteASignature = '2.16.840.1.101.2.1.1.13'; 1143 szOID_INFOSEC_SuiteAConfidentiality = '2.16.840.1.101.2.1.1.14'; 1144 szOID_INFOSEC_SuiteAIntegrity = '2.16.840.1.101.2.1.1.15'; 1145 szOID_INFOSEC_SuiteATokenProtection = '2.16.840.1.101.2.1.1.16'; 1146 szOID_INFOSEC_SuiteAKeyManagement = '2.16.840.1.101.2.1.1.17'; 1147 szOID_INFOSEC_SuiteAKMandSig = '2.16.840.1.101.2.1.1.18'; 1148 szOID_INFOSEC_mosaicUpdatedSig = '2.16.840.1.101.2.1.1.19'; 1149 szOID_INFOSEC_mosaicKMandUpdSig = '2.16.840.1.101.2.1.1.20'; 1150 szOID_INFOSEC_mosaicUpdatedInteg = '2.16.840.1.101.2.1.1.21'; 1151 1152type 1153 PCRYPT_OBJID_TABLE = ^CRYPT_OBJID_TABLE; 1154 CRYPT_OBJID_TABLE = record 1155 dwAlgId :DWORD; 1156 pszObjId :LPCSTR; 1157 end; 1158 1159//+------------------------------------------------------------------------- 1160// PKCS #1 HashInfo (DigestInfo) 1161//-------------------------------------------------------------------------- 1162 1163type 1164 PCRYPT_HASH_INFO = ^CRYPT_HASH_INFO; 1165 CRYPT_HASH_INFO = record 1166 HashAlgorithm :CRYPT_ALGORITHM_IDENTIFIER; 1167 Hash :CRYPT_HASH_BLOB; 1168 end; 1169 1170//+------------------------------------------------------------------------- 1171// Type used for an extension to an encoded content 1172// 1173// Where the Value's CRYPT_OBJID_BLOB is in its encoded representation. 
1174//-------------------------------------------------------------------------- 1175 1176type 1177 PCERT_EXTENSION = ^CERT_EXTENSION; 1178 CERT_EXTENSION = record 1179 pszObjId :LPSTR; 1180 fCritical :BOOL; 1181 Value :CRYPT_OBJID_BLOB; 1182 end; 1183 1184//+------------------------------------------------------------------------- 1185// AttributeTypeValue 1186// 1187// Where the Value's CRYPT_OBJID_BLOB is in its encoded representation. 1188//-------------------------------------------------------------------------- 1189 1190type 1191 PCRYPT_ATTRIBUTE_TYPE_VALUE =^CRYPT_ATTRIBUTE_TYPE_VALUE; 1192 CRYPT_ATTRIBUTE_TYPE_VALUE = record 1193 pszObjId :LPSTR; 1194 Value :CRYPT_OBJID_BLOB; 1195 end; 1196 1197//+------------------------------------------------------------------------- 1198// Attributes 1199// 1200// Where the Value's PATTR_BLOBs are in their encoded representation. 1201//-------------------------------------------------------------------------- 1202 1203type 1204 PCRYPT_ATTRIBUTE = ^CRYPT_ATTRIBUTE; 1205 CRYPT_ATTRIBUTE = record 1206 pszObjId :LPSTR; 1207 cValue :DWORD; 1208 rgValue :PCRYPT_ATTR_BLOB; 1209 end; 1210 1211type 1212 PCRYPT_ATTRIBUTES =^CRYPT_ATTRIBUTES; 1213 CRYPT_ATTRIBUTES = record 1214 cAttr :DWORD; {IN} 1215 rgAttr :PCRYPT_ATTRIBUTE; {IN} 1216 end; 1217 1218//+------------------------------------------------------------------------- 1219// Attributes making up a Relative Distinguished Name (CERT_RDN) 1220// 1221// The interpretation of the Value depends on the dwValueType. 1222// See below for a list of the types. 
1223//-------------------------------------------------------------------------- 1224 1225type 1226 PCERT_RDN_ATTR = ^CERT_RDN_ATTR; 1227 CERT_RDN_ATTR = record 1228 pszObjId :LPSTR; 1229 dwValueType :DWORD; 1230 Value :CERT_RDN_VALUE_BLOB; 1231 end; 1232 1233//+------------------------------------------------------------------------- 1234// CERT_RDN attribute Object Identifiers 1235//-------------------------------------------------------------------------- 1236// Labeling attribute types: 1237const 1238 szOID_COMMON_NAME = '2.5.4.3'; // case-ignore string 1239 szOID_SUR_NAME = '2.5.4.4'; // case-ignore string 1240 szOID_DEVICE_SERIAL_NUMBER = '2.5.4.5'; // printable string 1241 1242// Geographic attribute types: 1243 szOID_COUNTRY_NAME = '2.5.4.6'; // printable 2char string 1244 szOID_LOCALITY_NAME = '2.5.4.7'; // case-ignore string 1245 szOID_STATE_OR_PROVINCE_NAME = '2.5.4.8'; // case-ignore string 1246 szOID_STREET_ADDRESS = '2.5.4.9'; // case-ignore string 1247 1248// Organizational attribute types: 1249 szOID_ORGANIZATION_NAME = '2.5.4.10';// case-ignore string 1250 szOID_ORGANIZATIONAL_UNIT_NAME = '2.5.4.11'; // case-ignore string 1251 szOID_TITLE = '2.5.4.12'; // case-ignore string 1252 1253// Explanatory attribute types: 1254 szOID_DESCRIPTION = '2.5.4.13'; // case-ignore string 1255 szOID_SEARCH_GUIDE = '2.5.4.14'; 1256 szOID_BUSINESS_CATEGORY = '2.5.4.15'; // case-ignore string 1257 1258// Postal addressing attribute types: 1259 szOID_POSTAL_ADDRESS = '2.5.4.16'; 1260 szOID_POSTAL_CODE = '2.5.4.17'; // case-ignore string 1261 szOID_POST_OFFICE_BOX = '2.5.4.18'; // case-ignore string 1262 szOID_PHYSICAL_DELIVERY_OFFICE_NAME = '2.5.4.19'; // case-ignore string 1263 1264// Telecommunications addressing attribute types: 1265 szOID_TELEPHONE_NUMBER = '2.5.4.20'; // telephone number 1266 szOID_TELEX_NUMBER = '2.5.4.21'; 1267 szOID_TELETEXT_TERMINAL_IDENTIFIER = '2.5.4.22'; 1268 szOID_FACSIMILE_TELEPHONE_NUMBER = '2.5.4.23'; 1269 szOID_X21_ADDRESS = 
'2.5.4.24'; // numeric string 1270 szOID_INTERNATIONAL_ISDN_NUMBER = '2.5.4.25'; // numeric string 1271 szOID_REGISTERED_ADDRESS = '2.5.4.26'; 1272 szOID_DESTINATION_INDICATOR = '2.5.4.27'; // printable string 1273 1274// Preference attribute types: 1275 szOID_PREFERRED_DELIVERY_METHOD = '2.5.4.28'; 1276 1277// OSI application attribute types: 1278 szOID_PRESENTATION_ADDRESS = '2.5.4.29'; 1279 szOID_SUPPORTED_APPLICATION_CONTEXT = '2.5.4.30'; 1280 1281// Relational application attribute types: 1282 szOID_MEMBER = '2.5.4.31'; 1283 szOID_OWNER = '2.5.4.32'; 1284 szOID_ROLE_OCCUPANT = '2.5.4.33'; 1285 szOID_SEE_ALSO = '2.5.4.34'; 1286 1287// Security attribute types: 1288 szOID_USER_PASSWORD = '2.5.4.35'; 1289 szOID_USER_CERTIFICATE = '2.5.4.36'; 1290 szOID_CA_CERTIFICATE = '2.5.4.37'; 1291 szOID_AUTHORITY_REVOCATION_LIST = '2.5.4.38'; 1292 szOID_CERTIFICATE_REVOCATION_LIST = '2.5.4.39'; 1293 szOID_CROSS_CERTIFICATE_PAIR = '2.5.4.40'; 1294 1295// Undocumented attribute types??? 1296//#define szOID_??? '2.5.4.41' 1297 szOID_GIVEN_NAME = '2.5.4.42'; // case-ignore string 1298 szOID_INITIALS = '2.5.4.43'; // case-ignore string 1299 1300// Pilot user attribute types: 1301 szOID_DOMAIN_COMPONENT = '0.9.2342.19200300.100.1.25'; // IA5 string 1302 1303//+------------------------------------------------------------------------- 1304// CERT_RDN Attribute Value Types 1305// 1306// For RDN_ENCODED_BLOB, the Value's CERT_RDN_VALUE_BLOB is in its encoded 1307// representation. Otherwise, its an array of bytes. 1308// 1309// For all CERT_RDN types, Value.cbData is always the number of bytes, not 1310// necessarily the number of elements in the string. For instance, 1311// RDN_UNIVERSAL_STRING is an array of ints (cbData == intCnt * 4) and 1312// RDN_BMP_STRING is an array of unsigned shorts (cbData == ushortCnt * 2). 1313// 1314// For CertDecodeName, two 0 bytes are always appended to the end of the 1315// string (ensures a CHAR or WCHAR string is null terminated). 
1316// These added 0 bytes are't included in the BLOB.cbData. 1317//-------------------------------------------------------------------------- 1318 1319const 1320 CERT_RDN_ANY_TYPE = 0; 1321 CERT_RDN_ENCODED_BLOB = 1; 1322 CERT_RDN_OCTET_STRING = 2; 1323 CERT_RDN_NUMERIC_STRING = 3; 1324 CERT_RDN_PRINTABLE_STRING = 4; 1325 CERT_RDN_TELETEX_STRING = 5; 1326 CERT_RDN_T61_STRING = 5; 1327 CERT_RDN_VIDEOTEX_STRING = 6; 1328 CERT_RDN_IA5_STRING = 7; 1329 CERT_RDN_GRAPHIC_STRING = 8; 1330 CERT_RDN_VISIBLE_STRING = 9; 1331 CERT_RDN_ISO646_STRING = 9; 1332 CERT_RDN_GENERAL_STRING = 10; 1333 CERT_RDN_UNIVERSAL_STRING = 11; 1334 CERT_RDN_INT4_STRING = 11; 1335 CERT_RDN_BMP_STRING = 12; 1336 CERT_RDN_UNICODE_STRING = 12; 1337 1338 1339// Macro to check that the dwValueType is a character string and not an 1340// encoded blob or octet string 1341function IS_CERT_RDN_CHAR_STRING(X :DWORD) :BOOL; 1342 1343//+------------------------------------------------------------------------- 1344// A CERT_RDN consists of an array of the above attributes 1345//-------------------------------------------------------------------------- 1346 1347type 1348 PCERT_RDN = ^CERT_RDN; 1349 CERT_RDN = record 1350 cRDNAttr :DWORD; 1351 rgRDNAttr :PCERT_RDN_ATTR; 1352 end; 1353 1354//+------------------------------------------------------------------------- 1355// Information stored in a subject's or issuer's name. The information 1356// is represented as an array of the above RDNs. 1357//-------------------------------------------------------------------------- 1358 1359type 1360 PCERT_NAME_INFO = ^CERT_NAME_INFO; 1361 CERT_NAME_INFO = record 1362 cRDN :DWORD; 1363 rgRDN :PCERT_RDN; 1364 end; 1365 1366//+------------------------------------------------------------------------- 1367// Name attribute value without the Object Identifier 1368// 1369// The interpretation of the Value depends on the dwValueType. 1370// See above for a list of the types. 
1371//-------------------------------------------------------------------------- 1372 1373type 1374 PCERT_NAME_VALUE = ^CERT_NAME_VALUE; 1375 CERT_NAME_VALUE = record 1376 dwValueType :DWORD; 1377 Value :CERT_RDN_VALUE_BLOB; 1378 end; 1379 1380//+------------------------------------------------------------------------- 1381// Public Key Info 1382// 1383// The PublicKey is the encoded representation of the information as it is 1384// stored in the bit string 1385//-------------------------------------------------------------------------- 1386 1387type 1388 PCERT_PUBLIC_KEY_INFO = ^CERT_PUBLIC_KEY_INFO; 1389 CERT_PUBLIC_KEY_INFO = record 1390 Algorithm :CRYPT_ALGORITHM_IDENTIFIER; 1391 PublicKey :CRYPT_BIT_BLOB; 1392 end; 1393 1394const 1395 CERT_RSA_PUBLIC_KEY_OBJID = szOID_RSA_RSA; 1396 CERT_DEFAULT_OID_PUBLIC_KEY_SIGN = szOID_RSA_RSA; 1397 CERT_DEFAULT_OID_PUBLIC_KEY_XCHG = szOID_RSA_RSA; 1398 1399//+------------------------------------------------------------------------- 1400// Information stored in a certificate 1401// 1402// The Issuer, Subject, Algorithm, PublicKey and Extension BLOBs are the 1403// encoded representation of the information. 
1404//-------------------------------------------------------------------------- 1405 1406type 1407 PCERT_INFO = ^CERT_INFO; 1408 CERT_INFO = record 1409 dwVersion :DWORD; 1410 SerialNumber :CRYPT_INTEGER_BLOB; 1411 SignatureAlgorithm :CRYPT_ALGORITHM_IDENTIFIER; 1412 Issuer :CERT_NAME_BLOB; 1413 NotBefore :TFILETIME; 1414 NotAfter :TFILETIME; 1415 Subject :CERT_NAME_BLOB; 1416 SubjectPublicKeyInfo :CERT_PUBLIC_KEY_INFO; 1417 IssuerUniqueId :CRYPT_BIT_BLOB; 1418 SubjectUniqueId :CRYPT_BIT_BLOB; 1419 cExtension :DWORD; 1420 rgExtension :PCERT_EXTENSION; 1421 end; 1422 1423//+------------------------------------------------------------------------- 1424// Certificate versions 1425//-------------------------------------------------------------------------- 1426const 1427 CERT_V1 = 0; 1428 CERT_V2 = 1; 1429 CERT_V3 = 2; 1430 1431//+------------------------------------------------------------------------- 1432// Certificate Information Flags 1433//-------------------------------------------------------------------------- 1434 1435 CERT_INFO_VERSION_FLAG = 1; 1436 CERT_INFO_SERIAL_NUMBER_FLAG = 2; 1437 CERT_INFO_SIGNATURE_ALGORITHM_FLAG = 3; 1438 CERT_INFO_ISSUER_FLAG = 4; 1439 CERT_INFO_NOT_BEFORE_FLAG = 5; 1440 CERT_INFO_NOT_AFTER_FLAG = 6; 1441 CERT_INFO_SUBJECT_FLAG = 7; 1442 CERT_INFO_SUBJECT_PUBLIC_KEY_INFO_FLAG = 8; 1443 CERT_INFO_ISSUER_UNIQUE_ID_FLAG = 9; 1444 CERT_INFO_SUBJECT_UNIQUE_ID_FLAG = 10; 1445 CERT_INFO_EXTENSION_FLAG = 11; 1446 1447//+------------------------------------------------------------------------- 1448// An entry in a CRL 1449// 1450// The Extension BLOBs are the encoded representation of the information. 
1451//-------------------------------------------------------------------------- 1452 1453type 1454 PCRL_ENTRY = ^CRL_ENTRY; 1455 CRL_ENTRY = record 1456 SerialNumber :CRYPT_INTEGER_BLOB; 1457 RevocationDate :TFILETIME; 1458 cExtension :DWORD; 1459 rgExtension :PCERT_EXTENSION; 1460 end; 1461 1462//+------------------------------------------------------------------------- 1463// Information stored in a CRL 1464// 1465// The Issuer, Algorithm and Extension BLOBs are the encoded 1466// representation of the information. 1467//-------------------------------------------------------------------------- 1468 1469type 1470 PCRL_INFO = ^CRL_INFO; 1471 CRL_INFO = record 1472 dwVersion :DWORD; 1473 SignatureAlgorithm :CRYPT_ALGORITHM_IDENTIFIER; 1474 Issuer :CERT_NAME_BLOB; 1475 ThisUpdate :TFILETIME; 1476 NextUpdate :TFILETIME; 1477 cCRLEntry :DWORD; 1478 rgCRLEntry :PCRL_ENTRY; 1479 cExtension :DWORD; 1480 rgExtension :PCERT_EXTENSION; 1481 end; 1482 1483//+------------------------------------------------------------------------- 1484// CRL versions 1485//-------------------------------------------------------------------------- 1486const 1487 CRL_V1 = 0; 1488 CRL_V2 = 1; 1489 1490//+------------------------------------------------------------------------- 1491// Information stored in a certificate request 1492// 1493// The Subject, Algorithm, PublicKey and Attribute BLOBs are the encoded 1494// representation of the information. 
1495//-------------------------------------------------------------------------- 1496 1497type 1498 PCERT_REQUEST_INFO = ^CERT_REQUEST_INFO; 1499 CERT_REQUEST_INFO = record 1500 dwVersion :DWORD; 1501 Subject :CERT_NAME_BLOB; 1502 SubjectPublicKeyInfo :CERT_PUBLIC_KEY_INFO; 1503 cAttribute :DWORD; 1504 rgAttribute :PCRYPT_ATTRIBUTE; 1505 end; 1506 1507//+------------------------------------------------------------------------- 1508// Certificate Request versions 1509//-------------------------------------------------------------------------- 1510const CERT_REQUEST_V1 = 0; 1511 1512//+------------------------------------------------------------------------- 1513// Information stored in Netscape's Keygen request 1514//-------------------------------------------------------------------------- 1515type 1516 PCERT_KEYGEN_REQUEST_INFO = ^CERT_KEYGEN_REQUEST_INFO; 1517 CERT_KEYGEN_REQUEST_INFO = record 1518 dwVersion :DWORD; 1519 SubjectPublicKeyInfo :CERT_PUBLIC_KEY_INFO; 1520 pwszChallengeString :LPWSTR; // encoded as IA5 1521 end; 1522 1523const 1524 CERT_KEYGEN_REQUEST_V1 = 0; 1525 1526 1527//+------------------------------------------------------------------------- 1528// Certificate, CRL, Certificate Request or Keygen Request Signed Content 1529// 1530// The "to be signed" encoded content plus its signature. The ToBeSigned 1531// is the encoded CERT_INFO, CRL_INFO, CERT_REQUEST_INFO or 1532// CERT_KEYGEN_REQUEST_INFO. 
1533//-------------------------------------------------------------------------- 1534type 1535 PCERT_SIGNED_CONTENT_INFO = ^CERT_SIGNED_CONTENT_INFO; 1536 CERT_SIGNED_CONTENT_INFO = record 1537 ToBeSigned :CRYPT_DER_BLOB; 1538 SignatureAlgorithm :CRYPT_ALGORITHM_IDENTIFIER; 1539 Signature :CRYPT_BIT_BLOB; 1540end; 1541 1542//+------------------------------------------------------------------------- 1543// Certificate Trust List (CTL) 1544//-------------------------------------------------------------------------- 1545 1546//+------------------------------------------------------------------------- 1547// CTL Usage. Also used for EnhancedKeyUsage extension. 1548//-------------------------------------------------------------------------- 1549 1550type 1551 PCTL_USAGE =^CTL_USAGE; 1552 CTL_USAGE = record 1553 cUsageIdentifier :DWORD; 1554 rgpszUsageIdentifier :PLPSTR; // array of pszObjId 1555 end; 1556 1557type 1558 CERT_ENHKEY_USAGE = CTL_USAGE; 1559 PCERT_ENHKEY_USAGE = ^CERT_ENHKEY_USAGE; 1560 1561 1562//+------------------------------------------------------------------------- 1563// An entry in a CTL 1564//-------------------------------------------------------------------------- 1565type 1566 PCTL_ENTRY = ^CTL_ENTRY; 1567 CTL_ENTRY = record 1568 SubjectIdentifier :CRYPT_DATA_BLOB; // For example, its hash 1569 cAttribute :DWORD; 1570 rgAttribute :PCRYPT_ATTRIBUTE; // OPTIONAL 1571 end; 1572 1573//+------------------------------------------------------------------------- 1574// Information stored in a CTL 1575//-------------------------------------------------------------------------- 1576type 1577 PCTL_INFO = ^CTL_INFO; 1578 CTL_INFO = record 1579 dwVersion :DWORD; 1580 SubjectUsage :CTL_USAGE; 1581 ListIdentifier :CRYPT_DATA_BLOB; // OPTIONAL 1582 SequenceNumber :CRYPT_INTEGER_BLOB; // OPTIONAL 1583 ThisUpdate :TFILETIME; 1584 NextUpdate :TFILETIME; // OPTIONAL 1585 SubjectAlgorithm :CRYPT_ALGORITHM_IDENTIFIER; 1586 cCTLEntry :DWORD; 1587 rgCTLEntry 
:PCTL_ENTRY; // OPTIONAL 1588 cExtension :DWORD; 1589 rgExtension :PCERT_EXTENSION; // OPTIONAL 1590 end; 1591 1592//+------------------------------------------------------------------------- 1593// CTL versions 1594//-------------------------------------------------------------------------- 1595const 1596 CTL_V1 = 0; 1597 1598//+------------------------------------------------------------------------- 1599// TimeStamp Request 1600// 1601// The pszTimeStamp is the OID for the Time type requested 1602// The pszContentType is the Content Type OID for the content, usually DATA 1603// The Content is a un-decoded blob 1604//-------------------------------------------------------------------------- 1605 1606type 1607 PCRYPT_TIME_STAMP_REQUEST_INFO = ^CRYPT_TIME_STAMP_REQUEST_INFO; 1608 CRYPT_TIME_STAMP_REQUEST_INFO = record 1609 pszTimeStampAlgorithm :LPSTR; // pszObjId 1610 pszContentType :LPSTR; // pszObjId 1611 Content :CRYPT_OBJID_BLOB; 1612 cAttribute :DWORD; 1613 rgAttribute :PCRYPT_ATTRIBUTE; 1614 end; 1615 1616//+------------------------------------------------------------------------- 1617// Certificate and Message encoding types 1618// 1619// The encoding type is a DWORD containing both the certificate and message 1620// encoding types. The certificate encoding type is stored in the LOWORD. 1621// The message encoding type is stored in the HIWORD. Some functions or 1622// structure fields require only one of the encoding types. The following 1623// naming convention is used to indicate which encoding type(s) are 1624// required: 1625// dwEncodingType (both encoding types are required) 1626// dwMsgAndCertEncodingType (both encoding types are required) 1627// dwMsgEncodingType (only msg encoding type is required) 1628// dwCertEncodingType (only cert encoding type is required) 1629// 1630// Its always acceptable to specify both. 
1631//-------------------------------------------------------------------------- 1632 1633const 1634 CERT_ENCODING_TYPE_MASK = $0000FFFF; 1635 CMSG_ENCODING_TYPE_MASK = $FFFF0000; 1636 1637//#define GET_CERT_ENCODING_TYPE(X) (X & CERT_ENCODING_TYPE_MASK) 1638//#define GET_CMSG_ENCODING_TYPE(X) (X & CMSG_ENCODING_TYPE_MASK) 1639function GET_CERT_ENCODING_TYPE(X :DWORD):DWORD; 1640function GET_CMSG_ENCODING_TYPE(X :DWORD):DWORD; 1641 1642const 1643 CRYPT_ASN_ENCODING = $00000001; 1644 CRYPT_NDR_ENCODING = $00000002; 1645 X509_ASN_ENCODING = $00000001; 1646 X509_NDR_ENCODING = $00000002; 1647 PKCS_7_ASN_ENCODING = $00010000; 1648 PKCS_7_NDR_ENCODING = $00020000; 1649 1650//+------------------------------------------------------------------------- 1651// format the specified data structure according to the certificate 1652// encoding type. 1653// 1654//-------------------------------------------------------------------------- 1655 1656function CryptFormatObject(dwCertEncodingType :DWORD; 1657 dwFormatType :DWORD; 1658 dwFormatStrType :DWORD; 1659 pFormatStruct :PVOID; 1660 lpszStructType :LPCSTR; 1661 const pbEncoded :PBYTE; 1662 cbEncoded :DWORD; 1663 pbFormat :PVOID; 1664 pcbFormat :PDWORD):BOOL ; stdcall; 1665 1666//+------------------------------------------------------------------------- 1667// Encode / decode the specified data structure according to the certificate 1668// encoding type. 1669// 1670// See below for a list of the predefined data structures. 
1671//-------------------------------------------------------------------------- 1672 1673function CryptEncodeObject(dwCertEncodingType :DWORD; 1674 lpszStructType :LPCSTR; 1675 const pvStructInfo :PVOID; 1676 pbEncoded :PBYTE; 1677 pcbEncoded :PDWORD ):BOOL ; stdcall; 1678 1679function CryptDecodeObject(dwCertEncodingType :DWORD; 1680 lpszStructType :LPCSTR; 1681 const pbEncoded :PBYTE; 1682 cbEncoded :DWORD; 1683 dwFlags :DWORD; 1684 pvStructInfo :PVOID; 1685 pcbStructInfo :PDWORD):BOOL ; stdcall; 1686 1687// When the following flag is set the nocopy optimization is enabled. 1688// This optimization where appropriate, updates the pvStructInfo fields 1689// to point to content residing within pbEncoded instead of making a copy 1690// of and appending to pvStructInfo. 1691// 1692// Note, when set, pbEncoded can't be freed until pvStructInfo is freed. 1693const 1694 CRYPT_DECODE_NOCOPY_FLAG = $1; 1695 1696//+------------------------------------------------------------------------- 1697// Predefined X509 certificate data structures that can be encoded / decoded. 1698//-------------------------------------------------------------------------- 1699 CRYPT_ENCODE_DECODE_NONE = 0; 1700 X509_CERT = (LPCSTR(1)); 1701 X509_CERT_TO_BE_SIGNED = (LPCSTR(2)); 1702 X509_CERT_CRL_TO_BE_SIGNED = (LPCSTR(3)); 1703 X509_CERT_REQUEST_TO_BE_SIGNED = (LPCSTR(4)); 1704 X509_EXTENSIONS = (LPCSTR(5)); 1705 X509_NAME_VALUE = (LPCSTR(6)); 1706 X509_NAME = (LPCSTR(7)); 1707 X509_PUBLIC_KEY_INFO = (LPCSTR(8)); 1708 1709//+------------------------------------------------------------------------- 1710// Predefined X509 certificate extension data structures that can be 1711// encoded / decoded. 1712//-------------------------------------------------------------------------- 1713 X509_AUTHORITY_KEY_ID = (LPCSTR(9)); 1714 X509_KEY_ATTRIBUTES = (LPCSTR(10)); 1715 X509_KEY_USAGE_RESTRICTION